[34137] in North American Network Operators' Group
Re: Proactive steps to prevent DDOS?
daemon@ATHENA.MIT.EDU (John Payne)
Mon Jan 29 12:43:14 2001
Date: Mon, 29 Jan 2001 09:40:36 -0800
From: John Payne <john@sackheads.org>
To: Valdis.Kletnieks@vt.edu
Cc: Sean Capshaw <scapshaw@yahoo.com>, nanog@merit.edu
Message-ID: <20010129094036.G26035@haybaler.sackheads.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200101291634.f0TGYBP2052612@black-ice.cc.vt.edu>; from Valdis.Kletnieks@vt.edu on Mon, Jan 29, 2001 at 11:34:10AM -0500
Errors-To: owner-nanog-outgoing@merit.edu
On Mon, Jan 29, 2001 at 11:34:10AM -0500, Valdis.Kletnieks@vt.edu wrote:
> On Mon, 29 Jan 2001 08:16:27 PST, Sean Capshaw <scapshaw@yahoo.com> said:
> > of the bulk of that ICMP traffic, then change your
> > filters to discard ICMP to the host under attack while
> > in parallel notify the NOC of the source or
> > intermediary involved
>
> *attempt* to notify the NOC....
Oh, I never had problems notifying NOCs...
getting them to *do* something or call someone is the trick.
I can't remember which large ISP it was that told me that the
only way I'd be connected to their network was if I was a customer
with a customer number. "i don't think so"
--
John Payne http://www.sackheads.org/jpayne/ john@sackheads.org
http://www.sackheads.org/uce/ Fax: +44 870 0547954
To send me mail, use the address in the From: header
